Security Automation and Optimization using HP-NA Florian Ecard SNE - - PowerPoint PPT Presentation

▶

Jun 21, 2023 349 likes •484 views

Security Automation and Optimization using HP-NA Florian Ecard SNE master student Supervisor: Olivier Willm 4 th February 2015 Security Automation and Optimization using HP-NA - What is HP Network Automation? - What were the objectives with

SLIDE 1

Security Automation and Optimization using HP-NA

Florian Ecard

SNE master student Supervisor: Olivier Willm 4th February 2015

SLIDE 2

2

Security Automation and Optimization using HP-NA

What is HP Network Automation?
What were the objectives with it?
CVE retrieval automation using HP-LNc
Integrity of the configuration's Security
New HP-NA certificate
SSH keys

SLIDE 3

3

Evaluate the software capabilities to audit the

configurations about potential security issues from the CVE database.

How to automatically check the configuration's security

integrity?

How does it fit in an overall network security improvement

process?

Research question

SLIDE 4

4

HP-LNc Installation & Configuration

Linux Redhat server
Use of the CLI
Choose the products
Two users & passwords
Automation using HP-NA

→ Documentation

SLIDE 5

5

Automate the configuration integrity checking

What kind of configuration is verified?
Cisco IOS
Cisco NXOS
Why checking their integrity?

SLIDE 6

6

Automate the configuration integrity checking

What is being checked?
ACLs, AAA & Usernames
Features & VTY
NTP
Logging facilities
How was it done with HP-NA?
Create groups, policies and tasks

SLIDE 7

7

CA-signed HP-NA certificate

What for?
What are the .keystore and .truststore files?
What steps should be followed?
public key generation
CSR generation
1 + 3 certificates returned

And the result is → → →

SLIDE 8

8

CA-signed HP-NA certificate

SLIDE 9

9

CA-signed HP-NA certificate

The problems were due to … Stupidity! :-(
Asked for a www

→ Documentation

SLIDE 10

10

Problems encountered

User accounts access
HP-NA unavailability
HP-LNc configuration entered using vim
HP-LNc user access & privileges
Certificates

SLIDE 11

11

Conclusion

RESEARCH QUESTION:

Evaluate the software capabilities to audit the

configurations about potential security issues. Define specific policies from the CVE database.

How to automatically check the configuration's security

integrity?

How does it fit in an overall network security

improvement process?

SLIDE 12

12

Future work
Perl API
SSH keys checking

Conclusion

SLIDE 13

Security Automation and Optimization using HP-NA

Florian Ecard

SNE master student Supervisor: Olivier Willm 4th February 2015

2

Security Automation and Optimization using HP-NA

3

configurations about potential security issues from the CVE database.

integrity?

process?

Research question

4

HP-LNc Installation & Configuration

→ Documentation

5

Automate the configuration integrity checking

6

Automate the configuration integrity checking

7

CA-signed HP-NA certificate

And the result is → → →

8

CA-signed HP-NA certificate

9

CA-signed HP-NA certificate

→ Documentation

10

Problems encountered

11

Conclusion

RESEARCH QUESTION:

configurations about potential security issues. Define specific policies from the CVE database.

integrity?

improvement process?

12

Conclusion

13

Security Automation and Optimization using HP-NA Questions ?? :-)